Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/O21PmEESsHcWH1s73UbR7OXDyww.roa
File: O21PmEESsHcWH1s73UbR7OXDyww.roa (raw, json)
Hash identifier: 3xNbtD0DThqqZ5mmtAKxAxa1GbzWkg09G7I1Ee+erXs=
Subject key identifier: 3B:6D:4F:98:41:12:B0:77:16:1F:5B:3B:DD:46:D1:EC:E5:C3:CB:0C
Certificate issuer: /CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Certificate serial: 01941FFA77973CE04EABF88261E07F3690A2
Authority key identifier: BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/O21PmEESsHcWH1s73UbR7OXDyww.roa
Signing time: Wed 01 Jan 2025 03:48:15 +0000
ROA not before: Wed 01 Jan 2025 03:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 45.87.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:77:97:3c:e0:4e:ab:f8:82:61:e0:7f:36:90:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Validity
Not Before: Jan 1 03:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b6d4f984112b077161f5b3bdd46d1ece5c3cb0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0e:0b:30:0a:5f:33:1f:87:83:6d:f3:5c:70:
cb:6a:7d:9e:f9:cc:f5:bd:c6:3f:11:d0:fd:1c:3d:
76:f5:3d:72:6b:15:f8:da:72:40:95:12:ef:21:03:
ce:90:20:b8:51:99:e6:89:e6:81:30:15:7e:92:37:
ad:26:76:68:5a:bd:a2:c7:7a:ca:2c:b5:36:c1:c8:
b1:7e:50:d3:f1:d6:46:30:99:6a:96:11:81:17:c3:
a3:fe:69:59:b4:db:54:e3:0d:dd:30:dc:6b:41:a1:
66:75:49:16:2d:60:a7:24:6d:95:02:3c:b4:fb:cb:
0a:11:37:8e:cf:1c:cf:14:61:9f:a0:e6:ed:a4:4e:
e5:7a:af:3a:84:44:12:13:de:6b:91:47:4c:1c:5a:
f4:2e:0d:e4:27:a0:f2:67:3c:40:aa:7a:41:c4:5c:
99:94:50:81:64:f6:d6:74:60:8a:9e:dc:26:1f:2d:
c4:bf:cc:d5:40:e1:e0:3f:aa:43:e0:b0:54:ed:8f:
13:b8:52:05:b3:f5:0a:a5:50:33:90:a7:1e:72:49:
75:09:8c:d1:a5:49:87:bc:23:bd:82:87:08:1a:e0:
6a:8c:8e:79:f4:1a:1b:5f:e4:b7:e7:4e:a1:64:a0:
e9:59:68:45:b5:54:90:0d:be:6c:55:bc:21:e3:97:
c9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6D:4F:98:41:12:B0:77:16:1F:5B:3B:DD:46:D1:EC:E5:C3:CB:0C
X509v3 Authority Key Identifier:
keyid:BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/O21PmEESsHcWH1s73UbR7OXDyww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.101.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:80:33:c9:9f:5d:72:16:ae:ff:c5:98:07:40:c4:03:4e:b7:
2c:9f:f4:5e:0f:55:c8:0f:97:d8:d2:56:09:4e:c8:bc:a6:16:
78:28:fa:e8:7d:58:6e:82:03:f0:25:12:35:25:db:e7:6c:44:
71:f6:21:f9:2a:4d:c2:a0:76:2e:8f:2c:0e:73:94:21:54:44:
b8:97:51:3e:95:2e:74:88:48:5b:c7:a4:dd:4a:37:98:f8:c2:
4a:ab:37:65:45:24:a2:12:08:fd:71:e2:58:02:57:dd:a0:b6:
80:10:ec:72:e6:ef:97:60:f3:e2:8c:8c:a2:d3:5a:68:11:d8:
b8:f1:04:dc:b5:a0:2f:1d:39:74:92:d7:14:36:68:e1:63:0d:
c9:18:62:3c:75:96:32:b9:32:3e:c2:20:cb:fd:80:80:6d:5c:
78:b5:67:51:c9:84:63:da:25:3d:86:8f:7b:25:9a:f5:cb:6e:
38:cd:12:3e:04:bc:0a:16:30:b3:eb:c4:d4:0b:ab:47:bd:3e:
1b:df:6f:4b:67:3a:37:fd:c5:9c:ba:3a:1a:fd:10:ba:fa:8b:
95:2b:58:f3:1d:6a:95:b9:9a:2e:e0:77:ef:e0:8d:de:ba:0d:
bb:36:57:fd:99:32:92:d6:e3:3f:9e:ee:ea:21:3d:44:f5:8e:
65:7f:f0:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+neXPOBOq/iCYeB/NpCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDFhZGRjOWE0ZWVhMjQ2ZDQyZjk4YzdjNzJiMzBiNjhk
NjdhOTcwHhcNMjUwMTAxMDM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjZkNGY5ODQxMTJiMDc3MTYxZjViM2JkZDQ2ZDFlY2U1YzNjYjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA4LMApfMx+Hg23zXHDLan2e+cz1
vcY/EdD9HD129T1yaxX42nJAlRLvIQPOkCC4UZnmieaBMBV+kjetJnZoWr2ix3rK
LLU2wcixflDT8dZGMJlqlhGBF8Oj/mlZtNtU4w3dMNxrQaFmdUkWLWCnJG2VAjy0
+8sKETeOzxzPFGGfoObtpE7leq86hEQSE95rkUdMHFr0Lg3kJ6DyZzxAqnpBxFyZ
lFCBZPbWdGCKntwmHy3Ev8zVQOHgP6pD4LBU7Y8TuFIFs/UKpVAzkKceckl1CYzR
pUmHvCO9gocIGuBqjI559BobX+S3506hZKDpWWhFtVSQDb5sVbwh45fJHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDttT5hBErB3Fh9bO91G0ezlw8sMMB8GA1UdIwQY
MBaAFL9BrdyaTuokbUL5jHxyswto1nqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEt
ZWVhZDUwOGJlNGVlLzEvTzIxUG1FRVNzSGNXSDFzNzNVYlI3T1hEeXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEtZWVhZDUwOGJlNGVl
LzEvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVdlMA0G
CSqGSIb3DQEBCwUAA4IBAQBqgDPJn11yFq7/xZgHQMQDTrcsn/ReD1XID5fY0lYJ
Tsi8phZ4KProfVhuggPwJRI1JdvnbERx9iH5Kk3CoHYujywOc5QhVES4l1E+lS50
iEhbx6TdSjeY+MJKqzdlRSSiEgj9ceJYAlfdoLaAEOxy5u+XYPPijIyi01poEdi4
8QTctaAvHTl0ktcUNmjhYw3JGGI8dZYyuTI+wiDL/YCAbVx4tWdRyYRj2iU9ho97
JZr1y244zRI+BLwKFjCz68TUC6tHvT4b329LZzo3/cWcujoa/RC6+ouVK1jzHWqV
uZou4Hfv4I3eug27Nlf9mTKS1uM/nu7qIT1E9Y5lf/Di
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:12:04 2025 by rpki-client